We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

network monitoring software??

ccurcio
ccurcio asked
on
Medium Priority
351 Views
Last Modified: 2012-05-05
im not really sure if this type of software exists, but here is my plight.

im the "network administrator" (fresh out of college tech kid), at a medium sized company.

people on my network are going to questionable websites all the time(streaming video + radio), and using software that is not fit for the workplace(limewire + messaging clients). anyway the higher ups want me to be able to monitor and block what users on the network are doing. im assuming i need url blocking, and port blocking, plus a network usage monitor for each client on the network....

my setup is.....

win2003 domain controller ethernet to about 50 stations running xp pro.

what solution is best for me?


thanks in advance
.chris.
Comment
Watch Question

use Proxy

search for Microsoft ISA or WinProxy

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
You have a few options.

As previously mentioned, a proxy server and/or Application-based firewall such as MS ISA Server would suffice your needs.

Also Websense (http://www.websense.com) will do the job quite well.

There are a plethora of hardware (and software) devices out there that will monitor web traffic and allow you to block sites at will. Do a little research, and you will find options a plenty.

 

Commented:
ISA Proxy is a good start.

If your company wants a true IPS and the ability to block users from accessing certain sites and services think http://www.sourcefire.com

Another option is to use a product like LanDesk security suite. There are good rules and policy setting features there.

It depends on how crazy they want to get with money.

Author

Commented:

all these solutions seem good, but they do alot more than i need.

company wouldnt have any problem spending around $1500 on the software, but all i really need is to block certian websites, and ports over the network.

as far ISA is looking decent though like i said, it does way more than i want
Do you have any routers or firewalls in your organization?

You can create a few simple access-lists to block ports and websites. And it's free. =)
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
Or you could look for something like WinProxy (http://www.winproxy.com) . But yeah, it's a pain in the neck that companies love tying together their products... makes it a little harder for you to put together a best of breed or a "best for me" package.

If you want something more hardware related, but I know couldn't be that cheap (or they wouldn't make money) would be a PacketShaper from Packeteer (http://www.packeteer.com).
Well I'm a Netware shop myself, but the product we use for blocking which is pretty effective is SurfControl (www.surfcontrol.com). It comes with a predefined database of sites that updates every day and you can add your own if you find that folks are getting around the monitor. It does require that you run your proxy though.

If you aren't doing that then you might want to look at getting Vericept (Vericept.com). Some other schools with more money have gone for that and are very happy with it.

I'd be interesting in finding your network traffic monitor as I'm looking for a good one for cheap as well.

Good luck.

Get a firewall no matter is it hardware or software firewall, it does matter
that you have one, so you can create a policies for the incoming/outgoing
packets. I recommend that you install a software firewall on a gateway
machine (the machine everybody is using to access the internet). You can
find out that doing "ipconfig" in a DOS prompt on any client's machine.
You'll get the result like this:

C:\>ipconfig
Windows IP Configuration
PPP adapter ADAPTERNAME:
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 82.208.195.51
        Subnet Mask . . . . . . . . . . . : 255.255.255.255
        Default Gateway . . . . . . . . . : 82.208.195.51

the line "Default Gateway . . . . . . . . . : 82.208.195.51" is the one you need.

Also, you may find useful some network packets analyzers, like:

CommView
http://www.tamos.com/download/main/index.php

EtherDetect
http://www.etherdetect.com/download.htm

which will help you when you have some sort of traffic that you cannot
check/control under firewall, including all TCP/UDP/ICMP/etc. packets.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Is there a policy in place against inappropriate computer usage already? If not, you may want to look into that. That's the first thing... make sure the rules are in place to leave you open to monitoring and whatnot.

But then with something like your filter or your packet analyzer, you can actually start figuring out WHO is doing it, then trace it back to them.
Commented:
This is a checklist of 10 ways to monitor what your users are doing with company computers.

http://techrepublic.com.com/5138-1009-6029395.html?tag=nl.e138

Registration is free too.

The document is a pdf and has links to other free resources as well.
Commented:
If you have an old box lying around why not try downloading "clark connect" software.
It has loads of functions, Firewall based on iptables, squid for proxy, dansguardian as content filter, snortsam for IDS.

They have a free trial version or home version, but for a corporation you should purchase it if you like it as it is very reasonably priced.
Extremely easy to use and configure www.clarkconnect.com.
Commented:
I would take a look at PRTG Traffic Grapher.

www.paessler.com

This program comes complete with a packet sniffer which when setup will enable you to see where the main offenders are and what ports to block to stop them doing it.

You could then buy a firewall/application layer or tie down there machines to prevent them doing this.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.